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Response to Amendment 

This office action is responsive to Applicant's amendment received on 10/5/2007. 
Claim 21 is amended. Claims 1-18, 23-25, 28, and 30 are cancelled. Claims 19-22, 26- 
27, 29, and 31-47 are pending. 

Allowable Subject Matter 

The indicated allowability of claims 19-22, 26-27, 29, and 31-47 is withdrawn in 
view of the newly discovered reference(s) to U.S. Patent No. 5,724,425 to Chang et al. 
and U.S. Patent No. 5,923,884 to Peyret et al. Rejections based on the newly cited 
reference(s) follow. 

Claims 26, 33, 40, 43, and 46 are objected to as being dependent upon a 
rejected base claim, but would be allowable if rewritten in independent form including all 
of the limitations of the base claim and any intervening claims. 

Claim Objections 

Claims 19-22, 26, 27, 29, and 31-47 are objected to because of the following 
informalities: Please substitute the limitation "operable" to "configured". Appropriate 
correction is required. 
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Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 19-22, 27, 29, 31-32, 35-39, 41-42, 44-45, and 47 are rejected under 35 

U.S.C. 103(a) as being unpatentable over Levy et al., (U.S. Patent No. 6,092,147 and 

Levy hereinafter), in view of Chang et al., (U.S. Patent No. 5,724,425 and Chang 

hereinafter). 

Regarding claims 19-21 and 29, Levy discloses a computer platform comprising: 
a trusted module which is resistant to internal tampering (col. 7, lines 46-55), 
means for storing license-related code comprising at least one of a secure executor for 
checking whether the computer platform or a user thereof is licensed to use particular 
data and for providing an interface for using the particular data and/or for monitoring its 
usage, and a secure loader for checking whether the computer platform or a user 
thereof is licensed to install particular data and/or for checking for data integrity before 
installation, wherein the license-related code includes, for at least one group of 
particular data, a (or a respective) software executor which specifies the respective 
group of particular data and which is operable to act as an interface to that group of 
particular data (col. 7, lines 15-46), the platform includes an operating system that is 
operable to request the software executor that its respective particular data be used, in 
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response to such a request, that software executor is operable to request the secure 
executor to license-check, using its licensing model, whether the computer platform or a 
user thereof is licensed to use that particular data, in response to such latter request 
(col. 9, lines 39-67), the secure executor is operable to perform the requested license- 
check, to sign the result of the license check using a private key of the trusted module, 
and to respond to that software executor with the signed result, and in response to 
such a response, that software executor is operable: to check the integrity of the signed 
result using the public key of the trusted module (col. 6, lines 10-50), and upon a 
successful integrity check of a successful license-check result, to request the operating 
system to use that particular data (col. 10, lines 1-25). 

Although Levy mentions that the bytecode verification in the bytecode 
authenticator uses a suitable cryptographic computation such as a digital signature 
using an asymmetric cryptographic algorithm (col. 6, lines 10-27), it does not explicitly 
disclose the details of such cryptographic computation. 

However, Chang discloses a trusted module (i.e., passport) which stores a third 
party's public key certificate, means for storing a hashed version of the license-related 
code signed with the third party's private key (col. 8, lines 25-49), and means for 
integrity checking the license-related code with reference to the signed version and the 
public key certificate and preventing the license-related code from being loaded if the 
integrity check fails, and wherein: the software executor (or at least one of the software 
executors) contains a public key of the trusted module and a licensing model for the 
respective particular data (col. 8, lines 25-67 and col. 9, lines 1-47)(i.e., during the 
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verification/integrity checking process, the digital signature in the application writer's 
license is generated by computing the message of the license and encrypting the 
message digest using the platform builder's private key. The original message digest 
can be recovered by decrypting the signature using the platform builder's public 
key)(col. 9, lines 27-67 and col. 10, lines 1-30). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify teachings of Levy with teachings of Chang 
because it would allow including a valid passport as disclosed by Chang in the tamper- 
resistant package of Levy. One of ordinary skill in the art would have been motivated by 
the suggestion of Chang to provide the basis of a trust model and allow computer users 
to identity and determine the genuineness of a software product based on the 
information contained in its passport (Chang, col. 6, lines 24-38). 

Regarding claims 27, 35-37, 41, 44, and 47, Levy discloses a computer platform 
comprising: 

a trusted module which is resistant to internal tampering (col. 7, lines 46-55), 
means for storing license-related code comprising at least one of a secure executor for 
checking whether the computer platform or a user thereof is licensed to use particular 
data and for providing an interface for using the particular data and/or for monitoring its 
usage, and a secure loader for checking whether the computer platform or a user 
thereof is licensed to install particular data and/or for checking for data integrity before 
installation, the secure executor containing at least one licensing model (col. 7, lines 15- 
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46), means for storing a hashed version of the license-related code signed with the third 
party's private key, and means for integrity checking the license-related code with 
reference to the signed version and the public key certificate and preventing the license- 
related code from being loaded if the integrity check fails, wherein the computer 
platform includes an operating system that is operable to request the software executor 
that its respective particular data be used, and in response to such a request, the 
secure executor is operable: to perform a license-check using the, or one of the, 
licensing models (col. 6, lines 10-50), and upon a successful license-check, to request 
the operating system to use that particular data (col. 10, lines 1-25). 

However, Chang discloses a trusted module (i.e., passport) which stores a third 
party's public key certificate, means for storing a hashed version of the license-related 
code signed with the third party's private key (col. 8, lines 25-49), and means for 
integrity checking the license-related code with reference to the signed version and the 
public key certificate and preventing the license-related code from being loaded if the 
integrity check fails (col. 8, lines 25-67 and col. 9, lines 19-67). Chang further discloses 
the computer platform further including a further, [removable], trusted module (col. 3, 
lines 35-37) containing a user identity (i.e., platform builder's public key), wherein the 
computer platform is operable to perform an authentication check between the first- 
mentioned trusted module and the removable trusted module, and wherein, upon 
license license-checking, the secure executor or software executor is operable to 
perform the license-check with reference to the user identity (i.e., during the 
verification/integrity checking process, the digital signature in the application writer's 
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license is generated by computing the message of the license and encrypting the 
message digest using the platform builder's private key. The original message digest 
can be recovered by decrypting the signature using the platform builder's public key) 
(col. 9, lines 27-67 and col. 10, lines 1-30). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify teachings of Levy with teachings of Chang 
because it would allow including a valid passport as disclosed by Chang in the tamper- 
resistant package of Levy. One of ordinary skill in the art would have been motivated by 
the suggestion of Chang to provide the basis of a trust model and allow computer users 
to identity and determine the genuineness of a software product based on the 
information contained in its passport (Chang, col. 6, lines 24-38). 

Regarding claims 22, 31, 38, 42, and 45, Levy discloses wherein the operating 
system is programmed to use the particular data only in response to the secure 
executor or the software executor (col. 10, lines 1-25). 

Chang discloses wherein the operating system is programmed to use the 
particular data only in response to the secure executor or the software executor (col. 8, 
lines 25-48 and col. 10, lines 6-25). 

Regarding claims 31, 32, and 39, Levy discloses wherein the platform includes 
an operating system programmed to install the particular data only in response to the 
trusted module (col. 10, lines 1-25). 
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Chang discloses wherein the platform includes an operating system programmed 
to install the particular data only in response to the trusted module (i.e., passport)(col. 8, 
lines 25-48 and col. 1 0, lines 6-25). 

Claim 34 is rejected under 35 U.S.C. 103(a) as being unpatentable over Levy et 
al., (U.S. Patent No. 6,092,147 and Levy hereinafter), in view of Chang et al., (U.S. 
Patent No. 5,724,425 and Chang hereinafter), in further view of Peyret et al., (U.S. 
Patent No. 5,923,884 and Peyret hereinafter). 

Regarding claim 34, Levy and Chang, alone or in combination, do not disclose 
wherein, if the check succeeds, the secure loader is operable to perform a virus check 
on the particular data. 

However, Peyret discloses wherein, if the check succeeds, the secure loader is 
operable to perform a virus check on the particular data (col. 9, lines 33-57). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the combined teachings of Levy and Chang 
with teachings of Peyret because it would allow the secure loader to perform a virus 
check on the particular data as disclosed by Peyret. One of ordinary skill in the art 
would have been motivated by the suggestion of Peyret to ensure loading secure applet 
code (Peyret, col. 9, lines 33-57). 
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Conclusion 



The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. Please see the attached PTO-892 for a complete listing. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Arezoo Sherkat whose telephone number is (571) 272- 
3796. The examiner can normally be reached on 8:00-4:30 Monday-Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. a {I 
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